<?php 
	$pcode	= strip_tags($params[0]);

	if($_SERVER["REQUEST_METHOD"]=="POST") {
		$key	= 'v6hp547'.date('Y-m-d');
		$p		= $_SESSION['p_order'] ? $_SESSION['p_order'] : array();

		$color	= $_POST['color'];
		$size	= $_POST['size'];
		
		if(!$pcode or !$color or !$size){
			die("Product not found !");
		}
		$sql	= "SELECT `product_id` , `price` FROM `v_product` WHERE MD5(CONCAT(`product_id`, '$key')) = '". $pcode ."' AND `status` = '1' LIMIT 1";
		$query = mysql_query($sql) or die("Product not found !");
		while($result = mysql_fetch_assoc($query)) {
		/*	if(in_array($result['product_id'], $p)) {
				die('คุณได้ทำการเพิ่มรายการนี้แล้วค่ะ');
			}*/
			
			$color	= $_POST['color'];
			$size	= $_POST['size'];
			$res = array('product_id' => $result['product_id'],'price' => $result['price'],'color'=>$color, 'size'=>$size);
			array_push($p,$res);
			$_SESSION['p_order'] = $p;
			echo '';
			exit;
		}
		mysql_free_result($query);
		echo 'fail';
		exit;
	}
?>